forked from Roflin/gamenight
178 lines
5.8 KiB
Rust
178 lines
5.8 KiB
Rust
|
use crate::AppConfig;
|
||
|
use rocket::request::Outcome;
|
||
|
use jsonwebtoken::decode;
|
||
|
use crate::schema::DbConn;
|
||
|
use jsonwebtoken::DecodingKey;
|
||
|
use jsonwebtoken::Validation;
|
||
|
use rocket::State;
|
||
|
use chrono::Utc;
|
||
|
use jsonwebtoken::{Header, EncodingKey};
|
||
|
use crate::schema;
|
||
|
use std::borrow::Cow;
|
||
|
use jsonwebtoken::encode;
|
||
|
use rocket::serde::json::{Json, json, Value};
|
||
|
use rocket::http::Status;
|
||
|
use rocket::request::{self, Request, FromRequest};
|
||
|
use rocket::outcome::Outcome::{Success, Failure};
|
||
|
use serde::{Serialize, Deserialize};
|
||
|
|
||
|
pub struct Referer(String);
|
||
|
|
||
|
#[derive(Debug)]
|
||
|
pub enum ReferrerError {
|
||
|
Missing,
|
||
|
MoreThanOne
|
||
|
}
|
||
|
|
||
|
#[derive(Debug, Responder)]
|
||
|
pub enum ApiResponseVariant {
|
||
|
Status(Status),
|
||
|
// Redirect(Redirect),
|
||
|
Value(Value),
|
||
|
// Flash(Flash<Redirect>)
|
||
|
}
|
||
|
|
||
|
#[rocket::async_trait]
|
||
|
impl<'r> FromRequest<'r> for Referer {
|
||
|
type Error = ReferrerError;
|
||
|
|
||
|
async fn from_request(req: &'r Request<'_>) -> request::Outcome<Self, Self::Error> {
|
||
|
let referers : Vec<_> = req.headers().get("Referer").collect();
|
||
|
match referers.len() {
|
||
|
0 => Failure((Status::BadRequest, ReferrerError::Missing)),
|
||
|
1 => Success(Referer(referers[0].to_string())),
|
||
|
_ => Failure((Status::BadRequest, ReferrerError::MoreThanOne)),
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
|
||
|
#[derive(Serialize, Deserialize, Debug)]
|
||
|
struct ApiResponse {
|
||
|
result: Cow<'static, str>,
|
||
|
#[serde(skip_serializing_if = "Option::is_none")]
|
||
|
message: Option::<Cow<'static, str>>,
|
||
|
#[serde(skip_serializing_if = "Option::is_none")]
|
||
|
jwt: Option::<Cow<'static, str>>
|
||
|
}
|
||
|
|
||
|
impl ApiResponse {
|
||
|
const SUCCES_RESULT: Cow<'static, str> = Cow::Borrowed("Ok");
|
||
|
const FAILURE_RESULT: Cow<'static, str> = Cow::Borrowed("Failure");
|
||
|
|
||
|
const SUCCES: Self = Self {
|
||
|
result: Self::SUCCES_RESULT,
|
||
|
message: None,
|
||
|
jwt: None
|
||
|
};
|
||
|
|
||
|
fn error(message: String) -> Self {
|
||
|
Self {
|
||
|
result: Self::FAILURE_RESULT,
|
||
|
message: Some(Cow::Owned(message)),
|
||
|
jwt: None
|
||
|
}
|
||
|
}
|
||
|
|
||
|
fn login_response(jwt: String) -> Self {
|
||
|
Self {
|
||
|
result: Self::SUCCES_RESULT,
|
||
|
message: None,
|
||
|
jwt: Some(Cow::Owned(jwt))
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
|
||
|
#[derive(Debug)]
|
||
|
pub enum ApiError {
|
||
|
RequestError(String),
|
||
|
}
|
||
|
|
||
|
const AUTH_HEADER: &str = "Authorization";
|
||
|
const BEARER: &str = "Bearer ";
|
||
|
|
||
|
#[rocket::async_trait]
|
||
|
impl<'r> FromRequest<'r> for schema::User {
|
||
|
type Error = ApiError;
|
||
|
|
||
|
async fn from_request(req: &'r Request<'_>) -> Outcome<Self, Self::Error> {
|
||
|
let header = match req.headers().get_one(AUTH_HEADER) {
|
||
|
Some(header) => header,
|
||
|
None => return Outcome::Failure((Status::BadRequest, ApiError::RequestError("No authorization header found".to_string())))
|
||
|
};
|
||
|
|
||
|
if !header.starts_with(BEARER) {
|
||
|
return Outcome::Failure((Status::BadRequest, ApiError::RequestError("Invalid Authorization header.".to_string())))
|
||
|
};
|
||
|
|
||
|
let app_config = req.guard::<&State<AppConfig>>().await.unwrap().inner();
|
||
|
let jwt = header.trim_start_matches(BEARER).to_owned();
|
||
|
let token = match decode::<Claims>(&jwt, &DecodingKey::from_secret(app_config.jwt_secret.as_bytes()), &Validation::default()) {
|
||
|
Ok(token) => token,
|
||
|
Err(error) => return Outcome::Failure((Status::BadRequest, ApiError::RequestError(error.to_string())))
|
||
|
};
|
||
|
let id = token.claims.uid;
|
||
|
|
||
|
let conn = req.guard::<DbConn>().await.unwrap();
|
||
|
return Outcome::Success(schema::get_user(conn, id).await)
|
||
|
}
|
||
|
}
|
||
|
|
||
|
#[get("/gamenights")]
|
||
|
pub async fn gamenights(conn: DbConn, user: Option<schema::User>) -> ApiResponseVariant {
|
||
|
if user.is_some() {
|
||
|
let gamenights = schema::get_all_gamenights(conn).await;
|
||
|
ApiResponseVariant::Value(json!(gamenights))
|
||
|
}
|
||
|
else {
|
||
|
ApiResponseVariant::Status(Status::Unauthorized)
|
||
|
}
|
||
|
}
|
||
|
|
||
|
#[post("/gamenight", format = "application/json", data = "<gamenight_json>")]
|
||
|
pub async fn gamenight_post_json(conn: DbConn, user: Option<schema::User>, gamenight_json: Json<schema::GameNightNoId>) -> ApiResponseVariant {
|
||
|
if user.is_some() {
|
||
|
schema::insert_gamenight(conn, gamenight_json.into_inner()).await;
|
||
|
ApiResponseVariant::Value(json!(ApiResponse::SUCCES))
|
||
|
}
|
||
|
else {
|
||
|
ApiResponseVariant::Status(Status::Unauthorized)
|
||
|
}
|
||
|
}
|
||
|
|
||
|
#[post("/register", format = "application/json", data = "<register_json>")]
|
||
|
pub async fn register_post_json(conn: DbConn, register_json: Json<schema::Register>) -> ApiResponseVariant {
|
||
|
match schema::insert_user(conn, register_json.into_inner()).await {
|
||
|
Ok(_) => ApiResponseVariant::Value(json!(ApiResponse::SUCCES)),
|
||
|
Err(err) => ApiResponseVariant::Value(json!(ApiResponse::error(err.to_string())))
|
||
|
}
|
||
|
}
|
||
|
|
||
|
#[derive(Debug, Serialize, Deserialize)]
|
||
|
struct Claims {
|
||
|
exp: i64,
|
||
|
uid: i32,
|
||
|
role: schema::Role,
|
||
|
}
|
||
|
|
||
|
#[post("/login", format = "application/json", data = "<login_json>")]
|
||
|
pub async fn login_post_json(conn: DbConn, config: &State<AppConfig>, login_json: Json<schema::Login>) -> ApiResponseVariant {
|
||
|
|
||
|
match schema::login(conn, login_json.into_inner()).await {
|
||
|
Err(err) => ApiResponseVariant::Value(json!(ApiResponse::error(err.to_string()))),
|
||
|
Ok(login_result) => {
|
||
|
|
||
|
let my_claims = Claims {
|
||
|
exp: Utc::now().timestamp() + chrono::Duration::days(7).num_seconds(),
|
||
|
uid: login_result.id.unwrap(),
|
||
|
role: login_result.role.unwrap()
|
||
|
};
|
||
|
|
||
|
let secret = &config.inner().jwt_secret;
|
||
|
match encode(&Header::default(), &my_claims, &EncodingKey::from_secret(secret.as_bytes()))
|
||
|
{
|
||
|
Ok(token) => ApiResponseVariant::Value(json!(ApiResponse::login_response(token))),
|
||
|
Err(error) => ApiResponseVariant::Value(json!(ApiResponse::error(error.to_string())))
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
}
|